How to Find What Virus was Removed

Posted By
On
November 9, 2004 @ 1:19 PM
In
Security Help |
No Comments

How to Find What Virus was Removed

In my security articles over the past few weeks I have tried to keep you posted on potential threats. Informing you not only about specific virus threats but also trying to bring everyone up to speed on other aspects of security issues. This week is no different; I have a couple of techniques you can use to see what kind of virus is hitting your PC. This procedure is primarily for Outlook and Outlook Express users that don’t have the luxury of having their email scanned for them like most web based email. Also we are using Norton AntiVirus 2004 and Mcafee Virusscan ver 8.0 in our security demonstration this week.

When I get into work and check my emails my Norton pops up every now and then in the corner and let’s me know that one of my incoming emails has a virus threat. Usually I just go about my business, and simply rest assured that my antivirus software is doing its job. Every now and then I notice an influx of viral activity in my email account and I want a little more information on what’s trying so hard to infect my PC or if there’s a pattern at all. There are a couple of ways to do this, and there are some similarities and differences between the ways that the two leading anti virus programs do this.

Norton does a great job of protecting me from viruses. It will pop up and let me know that it is scanning outgoing and incoming mail. While receiving email, if the program runs across a virus it will pop up a save window letting me know where the backup file is being saved, This is usually the quarantine folder within the Norton program. With Outlook / Outlook Express simply right click the paperclip icon in the preview pane. You’ll see that the attachment is called “Norton AntiVirus Deleted1.txt”—left click the file.

A message will come up in notepad telling you the name of the infected document that was removed and what virus it contained.

McAfee has very similar features: it scans my incoming and outgoing mail and it pops up to let me know when there’s a threat in my email. The pop up window in McAfee also has the name of the potential virus with a link to more information concerning the virus in question.

This is nice and because you can see the threat without going though the procedure of clicking the paperclip for the name of the virus like in the before mentioned Norton antivirus. However, you can view the virus information by clicking on the paperclip like you do with Norton if you didn’t catch the virus name in the initial pop up and would like view information on it.

Both McAfee and Norton have virus information sections of their website. This is a good place to take any information that you have gathered on the virus or threat, and plug it in. This can give you a really good idea about what’s going on in your system and over time make you a virus expert.